from django.http.response import HttpResponse
from django.shortcuts import render, redirect, reverse
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from django.contrib.auth.models import User, AbstractUser

# Create your views here.

"""
使用auth模块就要用全套
"""


def login(request):
    if request.method == 'POST':
        username = request.POST.get('username')
        password = request.POST.get('password')
        # 去用户表中校验数据
        # 1.表如何获取
        # 2.密码如何对比
        # user_obj = auth.authenticate(request, username=username, password=password)
        user_obj = auth.authenticate(request, username=username, password=password)
        print(user_obj)  # AKW 用户对象 不存在None

        target_url = request.GET.get('next', '/home/')
        if user_obj:
            print(user_obj.username)  # AKW
            print(user_obj.password)  # pbkdf2_sha256$150000$FGQfGQhKCVSu$F4UkPUjfRapFATRAkKTLps9rgq4MIEiBpnud7WYrImg=
            # 保存用户登录状态
            auth.login(request, user=user_obj)  # 类似于 request.session[key] = user_obj
            # 只要执行了该方法, 你就可以在任何地方通过request.user获取到当前用户登录的用户对象

            return redirect(target_url)
        print(request.user)
        """
        1.自动查找auth_user表
        2.自动给密码加密再对比
            括号内必须同时传入用户名和密码
            不能只传用户名(一步就帮你筛选用户对象)
        """
    return render(request, 'login.html')


# @login_required(login_url='/login/')  # 局部配置
@login_required(login_url='/xxx/')  # 局部大于全局
def home(request):
    print(request.user)  # 用户对象  未登录的话是 AnonymousUser 匿名用户
    # 判断用户是否登录
    print(request.user.is_authenticated)  # 是否验证过
    return HttpResponse('home')


"""
1. 如果局部和全局都有 该听谁的
局部大于全局
"""


# @login_required(login_url='/login/')
@login_required
def index(request):
    return HttpResponse('index')


@login_required(login_url='')
def set_password(request):
    if request.method == 'POST':
        old_password = request.POST.get('old_password')
        new_password = request.POST.get('new_password')
        confirm_password = request.POST.get('confirm_password')
        if new_password == confirm_password:
            is_right = request.user.check_password(old_password)  # 自动加密比对密码
            if is_right:
                # 修改密码
                request.user.set_password(new_password)  # 仅仅是修改属性
                request.user.save()  # 这一步才是真正的操作数据库
        return redirect('login')
    return render(request, 'set_password.html', locals())


@login_required
def logout(request):
    auth.logout(request)  # 类似于request.session.flush()
    return redirect('login')


def register(request):
    if request.method == 'POST':
        username = request.POST.get('username')
        password = request.POST.get('password')
        # 操作auth_user表写入数据 from django.contrib.auth.models import User
        # user = User.objects.create(username=username, password=password)  # 写入数据不能用create, 密码没有加密处理
        # 创建普通用户
        # user = User.objects.create_user(username=username, password=password)
        # 创建超级用户 邮箱必填, 命令行创建可以不填
        user = User.objects.create_superuser(username=username, password=password, email='666@qq.com')
        print(user)
    return render(request, 'register.html')